A national survey of Americans shows a majority fear that cyber warfare is imminent and that the country will attack or be attacked in the next decade. Despite the threat, Americans also believe both the government and private sector networks are ill prepared for a surge in cyber conflict.

A group of 1,021 adults in the U.S. over age 18 responded to the by Tenable Network Security survey last week, amid a surge of headlines about hacking of private networks from China and an Executive Order issued by President Obama demanding new cybersafety standards for government and corporate networks.

The survey shows that 60 percent of Americans who responded support increasing government spending to train and equip “cyberwarriors” to defend the U.S. against outside attacks. Only 10 percent of respondents are opposed to this increase in spending.

Also, a stunning 93 percent of Americans believe that U.S. corporations and businesses are at least somewhat vulnerable to state-sponsored attacks. Even more, 95 percent believe U.S. government agencies themselves are at least somewhat, to very, vulnerable to cyberattacks. And, 94 percent of Americans who responded say they support the President having the same level of authority to react to cyberattacks as he has to respond to physical attacks on the country.

“It’s clear American citizens see the threat of cyber conflict around the corner, and the nation’s state of readiness for such attacks is a major concern,” said Ron Gula, a former cyber security expert with the NSA and now CEO and CTO of Tenable Network Security.

“Americans also want to see more done in both the public and private sector, with the government leading the way in setting standards and ensuring that important networks are protected. Given this strong level of support across age groups and demographics, we may see cyber security move up the list of critical policy and legislative proposals,” Gula continued.

Americans who responded to the survey express conflicting sentiments about whether the public or private sector should shoulder responsibility for protecting corporate networks. Sixty-six percent of respondents in the survey believe corporations should be held responsible for cyber breaches when they occur. But an almost equal number of Americans, 62 percent, say government should be responsible for protecting U.S. businesses and corporations from cyberattacks.

“I think these rather conflicting results on who should be held accountable reveal that Americans want both the public and private sector working closely together on cyber security,” Gula said. “I think they clearly want the government to be a better first line of defense but they also want to make sure U.S. Corporations are equally diligent in guarding against cyberattacks.”

Additional key highlights from the report:

92 percent of Americans believe public utilities are vulnerable to state-sponsored cyberattacks

If the U.S. were to undergo a cyberattack, Americans are most concerned about disruption to utilities – such as water, electric and gas (37 percent)

Americans age 65 or over believe the U.S.’s engagement in cyber warfare to be more likely, with 26 percent saying they considered the U.S. “very likely” to engage in such attacks in the next ten years; only nine percent of Americans ages 25-34 believe it “very likely”

Men are in greater support of increased spending to equip “cyberwarriors” than women (68 percent vs. 54 percent).

Spotlight

Microsoft Edge, the new browser in Windows 10, represents a significant increase in the security over Internet Explorer. However, there are also new potential threat vectors that aren’t present in older versions.

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Sun Tzu's writings have been studied throughout the ages by professional militaries and can used to not only answer the question of whether or not we are in a cyberwar, but how one can fight a cyber-battle.

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.